sasecurityfandomcom-20200214-history
LeaChe
Category:Sasecurity back to http://scratchpad.wikia.com/wiki/Sasecurity Leechtest command LeechTest adfasf I made the switch over a short period in my ISP --- enabled authentication on my mailserver, both 25 and 587 and told my customers it was mandatory if they wanted their mail forwarded. Then 2 months later closed off 25 connexions to off-net for everything except my designated relays, I had already turned off unauthenticated relay (you've done this already too) so the only issue was connecting to off-net relays, and malware. I didn't redirect 25 to my servers though, as some do. I think that's immoral in the same level as password snatching. Blocking 25 is now fairly standard practice amoungst consumer ISPs (and as mesh providers that's the space we're playing in) it is view as good anti-spam practice. 587 is only an issue with my customers who buy DSL elsewhere. 587 means they can legitimately send with their own domain without running into SPF problems. You (Kenny)'ve already got your own, but anyone on this list is free to use my mail set-up faq http://faq.oa5.com (provided you tell me of errors or even better, fix them: consider it creative commons licence) | Our server requires authentication for outgoing as well. | | I've considered changing this up just as you've described, but | unfortunately many of my clients are computer illiterate. When we connect | them to the internet, we set everything up before we leave. I've even got | instructions on our website (with pictures!), and everytime someone gets | a new computer I still have to visit them to set up email!! | | If I changed it over to port 587, it would have shut both of these pesky | bugs down - but doing so now would not be practical with the number of | people this would affect. Thanks for the suggestion though. | | Hindsight is always 20/20 :) BLOCK PORT 25 I made the switch over a short period in my ISP --- enabled authentication on my mailserver, both 25 and 587 and told my customers it was mandatory if they wanted their mail forwarded. Then 2 months later closed off 25 connexions to off-net for everything except my designated relays, I had already turned off unauthenticated relay (you've done this already too) so the only issue was connecting to off-net relays, and malware. I didn't redirect 25 to my servers though, as some do. I think that's immoral in the same level as password snatching. Blocking 25 is now fairly standard practice amoungst consumer ISPs (and as mesh providers that's the space we're playing in) it is view as good anti-spam practice. 587 is only an issue with my customers who buy DSL elsewhere. 587 means they can legitimately send with their own domain without running into SPF problems. You (Kenny)'ve already got your own, but anyone on this list is free to use my mail set-up faq http://faq.oa5.com (provided you tell me of errors or even better, fix them: consider it creative commons licence) Andrew --On Monday, May 16, 2005 10:08:54 -0500 Kenny Bain wrote: | Our server requires authentication for outgoing as well. | | I've considered changing this up just as you've described, but | unfortunately many of my clients are computer illiterate. When we connect | them to the internet, we set everything up before we leave. I've even got | instructions on our website (with pictures!), and everytime someone gets | a new computer I still have to visit them to set up email!! | | If I changed it over to port 587, it would have shut both of these pesky | bugs down - but doing so now would not be practical with the number of | people this would affect. Thanks for the suggestion though. | | Hindsight is always 20/20 :)